30 terraform interview questions to Boost Your Preparation

Terraform, a popular infrastructure as code (IaC) tool, may be asked in DevOps Interview or cloud engineer interviews. Terraform lets you declaratively manage virtual machines, containers, and databases using code. We’ve put together a list of 30 Terraform interview questions on everything from Terraform basics to multi-cloud environments and continuous delivery pipelines to help you prepare. These questions will test your Terraform knowledge and help you understand this powerful tool, whether you’re new or experienced.

Terraform Interview Questions
Terraform Interview Questions

Q.1 What is Terraform, and what problems does it solve?

Terraform is HashiCorp’s open-source infrastructure as code (IaC) tool. It lets you define and manage your infrastructure as code, so you can write code to provision and configure servers, databases, and networks instead of doing it manually.

Terraform solves several infrastructure resource provisioning and management issues. Problems include:

  • Resource Management: Terraform automates resource creation, updating, and deletion by specifying them in code.
  • Infrastructure Versioning: Terraform simplifies infrastructure updates and rollbacks.
  • Terraform supports several cloud platforms and on-premise infrastructure, making multi-cloud resource management easy.
  • Resource Dependencies: Terraform automatically creates resources in the right sequence and configures dependencies.
  • Repeatability: Terraform simplifies infrastructure provisioning and management, reducing human error and maintaining consistency.

Q.2 How does Terraform differ from other infrastructures as code tools?

Terraform, a prominent infrastructure as code (IAC) technology, has several differences from others:

  • Declarative Syntax: Terraform’s declarative syntax lets developers specify their infrastructure’s appearance rather than its implementation. This simplifies infrastructure resource representation.
  • Terraform supports several cloud platforms and on-premise infrastructure. This simplifies multi-cloud resource management.
  • Resource Graph: Terraform uses a resource graph to manage resource dependencies efficiently.
  • State Management: Terraform uses a state file to track infrastructure resource changes and make choices.
  • Providers: Terraform manages resources across many cloud platforms using providers.
  • Modules: Terraform modules let developers package and reuse code, simplifying complicated infrastructure installations.

Terraform’s huge and active community contributes modules, plugins, and tutorials.

Q.3 How do you manage the infrastructure state with Terraform?

State files handle Terraform infrastructure state. The state file represents Terraform’s infrastructure resources. It covers resource configurations and interactions.

Terraform modifies the state file after each run to accurately reflect infrastructure state. Terraform uses this state information to alter infrastructure resources to match the Terraform configuration files.

Terraform state file management options include:

  • Local State: Terraform keeps the state file locally by default, making it easier for small or single-user projects.
  • Remote State: Terraform lets multiple people view and manage the state file remotely. This helps with sophisticated state management in large or multi-user projects.
  • Locking State: Terraform can lock the state file to prevent concurrent changes.
  • Backing Up State: Terraform can backup the state file to restore it if data is lost.

Q.4 How do you manage secrets in Terraform?

Terraform secrets help secure passwords, API keys, and private certificates. Terraform’s secret management methods include:

  • Environment Variables: Terraform can store secrets in environment variables. This helps with tiny projects that just need secrets during Terraform.
  • Terraform Variables: Terraform variables contain secrets in plain text in Terraform configuration files. AWS Key Management Service (KMS) or HashiCorp Vault should be used to restrict access and encrypt certain files.
  • External Sources: Terraform can retrieve secrets from secure sources using external variables like files or HTTP requests.

Terraform integrates with HashiCorp Vault, a secret storage and management tool. This secures secrets by letting Terraform retrieve them from Vault throughout a run.

Choose a strategy that matches your organization’s security needs and constantly examine and update your secret management processes to keep them secure.

Q.5 How do you organize Terraform code into reusable modules?

Reusable Terraform modules make complicated infrastructure installations easier to manage. Terraform code is organised into modules in multiple steps:

  • Identify the Components: Find your infrastructure’s multi-use parts. These parts can form modules.
  • Inputs: Define variables and data sources for each module. This simplifies module customization for varied use cases.
  • Outputs: Define each module’s outputs, such as a load balancer’s DNS name or a server’s IP address. This simplifies Terraform code references to module resources.
  • Write Terraform Code: Define each module’s resources and relationships in Terraform code.
  • Test the Module: Test the module to make sure it works and can be utilised in many circumstances.
  • Document the Module: Document the module’s inputs, outputs, and anticipated behaviour to make it easier to use and understand.
  • Publish the Module: Publish the module to a public or private registry, such as the Terraform Registry, to make it easier to find and use.

Organizing Terraform code into reusable modules entails identifying components, defining inputs and outputs, writing Terraform code, testing the module, documenting it, and publishing it to a registry. It simplifies complex infrastructure deployments and improves team cooperation.

Q.6 Can you explain how Terraform provisions infrastructure resources?

Terraform uses configuration files to provision infrastructure. Terraform’s HashiCorp Configuration Language (HCL) configuration file describes resource types, properties, and relationships.

Terraform may provision resources with the configuration file. Steps typically include:

  • Terraform init initialises Terraform. This stage downloads plugins and providers to provision configuration file resources.
  • Plan: Running terraform blueprint provides a plan for adjustments. This stage analyses the configuration file to identify infrastructure actions.
  • Terraform apply applies infrastructure modifications. This stage builds, changes, or deletes resources to achieve the required infrastructure state.
  • Terraform validate checks infrastructure status. This phase confirms that the infrastructure matches the configuration file.
  • Terraform uses providers to talk to AWS, Azure, and GCP. Provider plugins implement Terraform resource types for a cloud provider.

Q.7 Can you explain the difference between Terraform’s “apply” and “plan” commands?

Terraform apply and terraform plan are essential infrastructure resource management commands.

The terraform plan command provides a plan for Terraform to update the infrastructure to match the configuration files. The plan lists new, updated, and removed resources and changes to existing ones. The plan estimates change costs.

The terraform apply command applies infrastructure changes to obtain the desired condition. Terraform executes the plan by generating, updating, or destroying resources when you run the terraform apply command.

Q.8 How do you handle multi-cloud deployments with Terraform?

Terraform describes the intended infrastructure state in a single configuration file and subsequently provisions resources across various cloud providers.

  • Providers, which implement Terraform resource types for a cloud provider, enable multi-cloud deployments in Terraform. Terraform lets you write one configuration file to provision resources across different cloud providers including Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).
  • Terraform can manage multi-cloud deployments with different provider blocks in your configuration file. Each provider block contains the cloud provider’s access keys and connection data.
  • Terraform’s native resource types can be used in your configuration file’s resource blocks to create, update, and delete resources across various cloud providers. Terraform automatically converts resource definitions into cloud provider-specific resource types.
  • A configuration file may build an AWS VM and an Azure virtual network. Terraform will use AWS to generate the VM and Azure to create the virtual network.

Q.9 How do you handle multiple teams using Terraform in the same organization?

To avoid conflicts, various Terraform-using teams in the same organisation must coordinate and collaborate. Best practises for managing Terraform teams within an organisation:

  • Create a centralised repository: Store and manage Terraform code in a VCS like Git. This simplifies Terraform code version management, collaboration, and tracking changes.
  • Use Terraform modules: Encourage teams to structure their Terraform code into shared modules. This simplifies network infrastructure management and assures that all teams use the same version.
  • Implement a change management process: Require teams to submit Terraform code modifications to a common repository for evaluation and approval before applying to infrastructure. This prevents unexpected infrastructure modifications and controls and audits them.
  • Use Terraform’s remote state management features: Encourage teams to use Terraform Cloud or Terraform Enterprise to consolidate and safeguard their Terraform-managed infrastructure’s state. Teams can easily cooperate and exchange infrastructure information.
  • Name Terraform resources: Use prefixes or suffixes to indicate the resource’s team or department. This simplifies team resource identification and prevents naming disputes.

Q.10 Can you explain the role of Terraform Workspaces?

  • Terraform Workspaces let you manage numerous infrastructure instances with different states. Workspaces are useful for creating development, staging, and production environments or managing several instances of the same infrastructure for testing modifications or deploying to different regions.
  • A Terraform Workspace holds state. Each workstation has a unique state. This lets you manage numerous infrastructure instances with different states without affecting others.
  • Terraform Workspaces let you govern and isolate numerous instances of the same infrastructure with their own states. Workspaces let you manage development, staging, and production environments in one Terraform configuration. This makes it easy to switch environments and deploy and test changes before releasing them to production.
  • Terraform workspace new creates a new workspace, and terraform workspace choose selects it. Terraform workspace list can list available workspaces.

You can Also Have a Look to 30+ DevOps Basic Interview Questions

Q. 11 How do you handle dependencies between resources in Terraform?

In Terraform, dependencies between resources can be managed using the “depends_on” argument in resource definitions. The “depends_on” argument allows you to specify the resources that a resource depends on and the order in which resources should be created and destroyed.

For example, if you have a resource “A” that depends on resource “B”, you can specify this dependency as follows:

resource "A" {

depends_on = [ "B" ]

# resource A definition

}

resource "B" {

# resource B definition

}

Q.12 Can you explain how you can use Terraform to manage DNS entries?

Terraform can manage DNS entries using DNS-integrated providers. Terraform plugins connect Terraform to a service or technology.

Terraform supports Amazon Web Services’ managed DNS service Amazon Route 53. (AWS). The Terraform Route 53 provider creates and manages hosted zones and DNS records within them.

Terraform may establish a Route 53 hosted zone with an A record.

Q.13 Can you explain how to use Terraform to manage network security groups and firewalls?

Network security groups (NSGs) are an important part of network security in Azure. They can be used to filter incoming and outgoing network traffic based on rules. On the other hand, firewalls are used to keep unauthorised people from getting into network resources. They can be managed with Azure Firewall or other third-party firewalls.

Here are the steps to manage NSGs and firewalls using Terraform:

  1. Define the network security group and firewall resources in your Terraform configuration file using the appropriate Azure provider blocks.
provider "azurerm" {
  features {}
}

resource "azurerm_network_security_group" "example" {
  name                = "example-nsg"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  security_rule {
    name                       = "allow-ssh"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

resource "azurerm_firewall" "example" {
  name                = "example-firewall"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  ip_configuration {
    name                          = "firewall-config"
    public_ip_address_id          = azurerm_public_ip.example.id
    subnet_id                     = azurerm_subnet.example.id
    private_ip_address_allocation = "Dynamic"
  }

  threat_intel_mode = "Alert"

  network_rule {
    name                      = "allow-ssh"
    priority                  = 100
    action                    = "Allow"
    direction                 = "Inbound"
    source_addresses          = ["*"]
    destination_ports         = ["22"]
    protocols                 = ["TCP"]
    source_ip_groups           = []
    destination_ip_groups      = []
    destination_fqdns          = []
    destination_fqdn_tags      = []
    destination_asgs           = []
    destination_virtual_hubs   = []
    source_ip_groups_override = false
  }
}

In this example, we’re defining an NSG resource with a single security rule that allows incoming SSH traffic on port 22. We’re also defining a firewall resource with a single network rule that allows incoming SSH traffic on port 22.

2. Configure the backend to store and manage state in a remote location, such as Azure Blob Storage or AWS S3.

terraform {
  backend "azurerm" {
    storage_account_name = "example"
    container_name       = "tfstate"
    key                  = "example.tfstate"
  }
}

This step is optional, but highly recommended, as it enables you to manage Terraform state in a more secure and reliable manner.

3. Initialize the Terraform configuration and apply it to create the NSG and firewall resources.

terraform init
terraform apply

4. Update the Terraform configuration to modify or delete the NSG and firewall resources as needed.

resource "azurerm_network_security_group" "example" {
  name                = "example-nsg"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  security_rule {
    name                       = "allow-ssh"
    priority                   = 100
    direction                  =

Q.14 Can you give an example of how you would use Terraform to provision a virtual machine in a public cloud?

In this case, the AWS provider is set up to use the us-west-2 region. Then, we make a new security group that lets both HTTP and SSH traffic through. Lastly, we set up a new EC2 instance with the AMI and instance type we chose earlier and add it to the security group we made earlier. We also set up an SSH connection to the instance and give the instance a name tag.

# Configure the AWS provider
provider "aws" {
  region = "us-west-2"
}

# Create a new security group
resource "aws_security_group" "web_server" {
  name        = "web_server"
  description = "Allow HTTP and SSH traffic"
  vpc_id      = var.vpc_id

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Provision a new EC2 instance
resource "aws_instance" "web_server" {
  ami           = "ami-0c55b159cbfafe1f0"
  instance_type = "t2.micro"
  key_name      = var.key_name
  vpc_security_group_ids = [
    aws_security_group.web_server.id,
  ]

  connection {
    type     = "ssh"
    user     = "ec2-user"
    private_key = file("${var.key_path}/${var.key_name}.pem")
    host     = self.public_ip
  }

  tags = {
    Name = "web-server"
  }
}

Q.15 Can you explain how you would use Terraform to manage and deploy a containerized application?

# Configure the Kubernetes provider
provider "kubernetes" {
  config_context_cluster = var.cluster_context
}

# Create a Kubernetes deployment
resource "kubernetes_deployment" "myapp" {
  metadata {
    name = "myapp"
  }

  spec {
    replicas = 3

    selector {
      match_labels = {
        app = "myapp"
      }
    }

    template {
      metadata {
        labels = {
          app = "myapp"
        }
      }

      spec {
        container {
          image = "myregistry/myapp:latest"
          name  = "myapp"
          port {
            container_port = 8080
          }
        }
      }
    }
  }
}

# Create a Kubernetes service to expose the deployment
resource "kubernetes_service" "myapp" {
  metadata {
    name = "myapp"
  }

  spec {
    selector = {
      app = "myapp"
    }

    port {
      port        = 80
      target_port = 8080
    }

    type = "LoadBalancer"
  }
}

To use the specified cluster context, we are configuring the Kubernetes provider in this example. After that, we build a Kubernetes deployment that details how many replicas to make, the container image to use, and the port the container should listen on. The deployment is also made available as a load-balanced service on port 80 via a Kubernetes service that is also created.

Use the terraform apply command to create or modify the Kubernetes resources provided in the configuration, which will then deploy the containerized application. As necessary, resources will be added, updated, or removed by Terraform, which will manage the resources’ lifecycle automatically.

This is merely a simple illustration, and you can alter the configuration to suit your unique requirements by include environment variables, volumes, or other Kubernetes resources.

Q.16 Can you explain the difference between Terraform and Ansible?

FeatureTerraformAnsible
PurposeInfrastructure as code tool for provisioning and managing resourcesConfiguration management tool for automating server configuration and application deployments
SyntaxDeclarative language (HCL)Imperative language (YAML)
Resource typesSupports a wide variety of cloud and on-premises infrastructure resourcesSupports a wide variety of servers, network devices, and applications
Resource lifecycle managementManages the full lifecycle of resources, including creation, updates, and deletionsManages only the desired state of resources, relying on external tools to perform the actual updates
ProvisioningCan provision resources directly or use external tools such as cloud-init or ChefCan only manage existing resources
OrchestrationCan orchestrate complex deployments across multiple cloud providers or on-premises infrastructureCan orchestrate complex deployments but is primarily focused on server configuration
State managementUses a state file to track the current state of resourcesDoes not have a built-in state management mechanism
CollaborationSupports collaboration through version control systems such as GitSupports collaboration through version control systems and a central management console
Learning curveCan be more complex to learn and use effectively, particularly for large-scale deploymentsGenerally has a lower learning curve, particularly for server configuration tasks

While there are some functions that overlap between Terraform and Ansible, their design goals and strengths and limitations are different. Ansible focuses on server setup and application deployment, while Terraform focuses on infrastructure provisioning and administration. The precise needs and project context determine which tool is better suited for a certain task.

Q.17 How do you use Terraform to manage load balancers?

Load balancers in a number of cloud providers, such as AWS, Azure, and Google Cloud Platform, can be managed with Terraform. The general measures to take are listed below:

  • Create the load balancer resource by defining it in your Terraform configuration file and including the essential details, such as the type of load balancer, the protocol, the port, and the target groups or backend servers.
  • Create the load balancer: For the load balancer resource to be created in the cloud provider, use the terraform apply command. In accordance with the details in your configuration file, Terraform will communicate with the provider API to build the load balancer.
  • Changes to the load balancer settings can be managed in the same way as any other resource managed by Terraform: in the Terraform configuration file and then by using the terraform apply command. Terraform will identify the discrepancies between the load balancer’s desired and actual states and make the required adjustments to bring them into line.
  • With the terraform destruct command, you can remove the load balancer from the cloud provider if you no longer require it.

Your infrastructure will always be current and consistent across environments if you use Terraform to handle load balancers. You can work with other team members on modifications and version control your infrastructure settings as well.

Q.18 Can you explain how to use Terraform to manage database deployments?

Terraform manages database deployments in AWS, Azure, and Google Cloud Platform. General steps:

  • Configure the database resource: In your Terraform configuration file, specify the database engine, storage capacity, database name, username, and password.
  • Database: Terraform apply creates the cloud database resource. Terraform will create the database using the provider API and your configuration file.
  • Manage database changes: Terraform configuration file changes can be implemented with the terraform apply command. Terraform will find and fix database discrepancies.
  • Destroy the database: Use terraform destroy to delete the database from the cloud provider.

Terraform can manage security groups, network settings, backups, and databases. Terraform can keep your database deployments up to date and consistent across environments. You may also version control and collaborate on infrastructure modifications.

Q.19 How do you version control your Terraform code?

Terraform integrates with Git and other SCM tools to support infrastructure as code version control. Version control Terraform code:

  • If you haven’t already, create a new repository in your SCM tool (GitHub, GitLab, Bitbucket, etc.) to store your Terraform code.
  • Initialize the repository: Add a README file, configuration files, and a.gitignore file to exclude sensitive data.
  • Initialize Terraform: Run terraform init in the local Terraform project directory. This initialises Terraform and creates the necessary files and directories, including a.terraform directory for provider plugins and a terraform.tfstate file for infrastructure state.
  • Make Terraform code changes in a new repository branch.
  • Make Terraform code changes to provision or modify infrastructure resources.
  • Verify: Run terraform plan to preview infrastructure changes.
  • If the preview looks good, run the terraform apply command to apply the infrastructure changes.
  • Commit the changes: Once you’re satisfied, commit the branch and push the repository.
  • Create a pull request: Merge the branch’s changes into the repository’s main branch. Before merging into the main branch, other team members can review and provide feedback.

You can Read the 30+ DevOps Intermediate Interview Questions

Q.20 Can you explain how to handle multiple environments (e.g. dev, staging, prod) in Terraform?

Terraform requires separate infrastructure resources for development, staging, and production. This method prevents environment changes from affecting others.

Terraform workspaces or environment-specific directories can manage multiple environments. Terraform’s multi-environment management steps:

  • Make an environment-specific directory: Develop, staging, and production directories.
  • Terraform each environment: Create a Terraform configuration file for each directory that defines its infrastructure resources.
  • Variables make configuration files reusable across environments.
  • Use a state file for each environment to avoid conflicts. S3 or Azure Blob Storage can hold state files.
  • Terraform workspaces manage multiple environments with one set of configuration files. Workspaces make switching environments easy.
  • Conditionals in configuration files define infrastructure resources for different environments. A conditional could define a larger instance type for production than staging.

Q.21 Can you explain how to use Terraform to manage a continuous delivery pipeline?

Terraform automates infrastructure deployment for continuous delivery pipelines. Build, deployment, load balancer, and database servers are included.

Terraform steps to manage a continuous delivery pipeline:

  • Define pipeline resources in a Terraform configuration file, including servers, databases, and load balancers.
  • Terraform modules define pipeline stages like build, test, and deploy. Pipelines can reuse these modules.
  • Use Git to manage Terraform code. This lets you track pipeline resource changes and revert them.
  • Jenkins or CircleCI can automate pipeline resource deployment. Configure Terraform to create and manage pipeline infrastructure resources.
  • Use environment variables to store sensitive data like API keys and pipeline service credentials.
  • Automated pipeline tests verify infrastructure resource creation and configuration.

Q.21 Can you explain how to test Terraform code?

Testing Terraform code before deployment ensures infrastructure is deployed correctly and catches errors. Terraform code testing methods include:

  • Unit testing: Testing individual resources or modules to ensure proper operation. Terraform’s Terratest framework allows unit testing.
  • Integration testing: This verifies the infrastructure stack’s functionality. Test Kitchen or Packer can help.
  • Acceptance testing: Users verify that the infrastructure meets their needs. Serverspec and InSpec can perform acceptance testing.
  • Code analysis: Static analysis tools check Terraform code for errors. TFLint and Checkov can help.

Q.22 How do you handle rollbacks in Terraform?

Terraform provides tools for rollbacks, which are crucial to infrastructure deployment. Terraform rollback strategies:

  • Before changing infrastructure, back up state files. This lets you undo changes easily.
  • Version control: Version and tag Terraform code in Git. If necessary, you can revert.
  • Use “apply” and “destroy” commands: If a deployment fails or you need to roll back a change, use “terraform apply” and “terraform destroy” to apply or destroy a previous infrastructure version.
  • “State”: The “terraform state” command displays and modifies Terraform state. This command modifies the state file to roll back a resource.
  • Change infrastructure with a continuous delivery pipeline. This lets you quickly undo changes.

Q.23 Can you explain how to use Terraform to manage cloud resource costs?

Terraform offers several cloud resource cost management options. Terraform offers several ways to control cloud resource costs:

  • Resource sizing: Terraform lets you size virtual machines and storage accounts. Selecting the right resource size optimises performance and cost.
  • Resource tagging: Terraform lets you label virtual machines, storage accounts, and databases to track usage and costs.
  • Resource lifecycle management: Terraform lets you automate resource scaling and deletion after a certain time.
  • Cost estimation: Use Terraform to estimate resource costs before deployment. This tool helps you assess infrastructure costs and manage resources.
  • Spot instances, reserved instances, and autoscaling are among Terraform’s cost-optimization features. These features lower cloud infrastructure costs.

Q.24 How do you handle sensitive information such as credentials in Terraform?

Terraform offers several cloud resource cost management options. Terraform offers several ways to control cloud resource costs:

  • Resource sizing: Terraform lets you size virtual machines and storage accounts. Selecting the right resource size optimises performance and cost.
  • Resource tagging: Terraform lets you label virtual machines, storage accounts, and databases to track usage and costs.
  • Resource lifecycle management: Terraform lets you automate resource scaling and deletion after a certain time.
  • Cost estimation: Use Terraform to estimate resource costs before deployment. This tool helps you assess infrastructure costs and manage resources.
  • Spot instances, reserved instances, and autoscaling are among Terraform’s cost-optimization features. These features lower cloud infrastructure costs.

Q.25 Can you explain how to use Terraform to manage AWS Lambda functions?

Yes, Terraform can be used to manage AWS Lambda functions as well as the associated AWS infrastructure that supports them. Here’s an example of how to use Terraform to create a Lambda function in AWS:

  1. Define the AWS provider and the Lambda function resource:
javaCopy codeprovider "aws" {
  region = "us-west-2"
}

resource "aws_lambda_function" "example" {
  filename      = "function.zip"
  function_name = "example_lambda_function"
  role          = aws_iam_role.example.arn
  handler       = "index.handler"
  runtime       = "nodejs14.x"

  source_code_hash = filebase64sha256("function.zip")

  environment {
    variables = {
      key = "value"
    }
  }
}
  1. Define an IAM role that the function will use:
pythonCopy coderesource "aws_iam_role" "example" {
  name = "example_lambda_role"

  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = "sts:AssumeRole"
        Effect = "Allow"
        Principal = {
          Service = "lambda.amazonaws.com"
        }
      }
    ]
  })
}
  1. Define any additional resources that the function requires, such as an S3 bucket to store its code:
pythonCopy coderesource "aws_s3_bucket" "example" {
  bucket = "example-bucket"
  acl    = "private"
}
  1. Use the terraform apply command to create the resources in AWS.
rubyCopy code$ terraform apply

This will create the Lambda function and the associated resources in AWS. Any changes to the Terraform code can be made and applied through this workflow.

In addition to creating and managing the Lambda function, Terraform can also be used to manage the event sources that trigger the function and any other resources required by the function, such as security groups or IAM policies.

And the Most Awaited 30+ DevOps Advanced Interview Questions

Q.26 Can you explain how to use Terraform to manage Microsoft Azure resources?

  • Install the Azure CLI and Terraform on your local machine to use Terraform with Azure.
  • Log into Azure CLI and run az login to authenticate with Azure. This opens a browser window for Azure login.
  • Create a Terraform configuration file (.tf extension) to describe your Azure resources’ desired state. Virtual machines, storage, and network interfaces are examples.
  • Configure the Azure provider: In your Terraform configuration file, specify the Azure subscription, resource location, and other settings.
  • Define Azure resources using Terraform modules in your Terraform configuration file. These modules can include Azure-specific resource types like azurerm virtual machine or azurerm storage account.
  • Apply your Terraform configuration with the terraform apply command. This will configure Azure resources to match your configuration file.
  • Terraform destroy: Use it to remove Azure resources. This deletes Terraform configuration file resources.
  • Can you explain how to use Terraform to manage Google Cloud Platform resources?

Q.28 Can you explain how to use Terraform to manage Kubernetes clusters?

  • Set up your Kubernetes environment before using Terraform to manage your resources.
  • Configure the Kubernetes provider in your Terraform code: You must configure the Kubernetes provider in Terraform by specifying the server address, client certificate, client key, and cluster CA certificate.
  • Define Kubernetes resources in Terraform after setting up the provider. Deployments, services, config maps, secrets, and other Kubernetes objects are examples.
  • Apply Terraform code: Use “terraform apply” to provision Kubernetes resources in your cluster after defining them in Terraform code. Terraform creates, updates, and deletes resources to match your Terraform code.
  • Manage the lifecycle of your Kubernetes resources: After your Kubernetes resources are provisioned, you can continue to manage their lifecycle using Terraform. Terraform lets you change resource configurations, scale them, and delete them.

Q.29 Can you give an example of how you have used Terraform in a real-world project?

In a previous project, I worked on building and deploying a microservices architecture on AWS using Docker containers and Kubernetes. I used Terraform to manage the infrastructure required for the project.

Here’s an overview of the project and how I used Terraform:

  1. Architecture: The microservices architecture was built on AWS using Docker containers and Kubernetes. The architecture consisted of an API Gateway, multiple microservices, a database cluster, and a Kubernetes cluster.
  2. Infrastructure as Code: I used Terraform to manage the infrastructure required for the project. I wrote Terraform code to provision the following resources:
  • VPC, subnets, and route tables
  • Security groups and network ACLs
  • Elastic Load Balancers
  • RDS database cluster
  • Elastic Kubernetes Service (EKS) cluster
  • Auto Scaling Groups (ASGs) for the microservices
  1. Continuous Deployment: I used CircleCI for continuous deployment. When changes were pushed to the codebase, CircleCI would build a Docker image and push it to an ECR repository. Then, using Terraform, I would update the ASGs with the new Docker image version, which would trigger a rolling update of the microservices.
  2. Testing: I used Terratest to write and run automated tests against the Terraform code. These tests would ensure that the infrastructure was created correctly and that there were no configuration errors.
  3. Cost Management: I used Terraform Cloud’s cost estimation feature to estimate the cost of the infrastructure. This helped the team to stay within budget and avoid unexpected costs.

Q.30 Can you Explain the Terraform Architecture?

Terraform builds, changes, and versions infrastructure safely and efficiently. Terraform architecture supports several crucial features:

  • State management: Terraform keeps track of your infrastructure resources’ creation, configuration, and needed updates. Terraform uses a state file, either locally or remotely, to accurately update and build resources.
  • Declarative Configuration: Terraform describes infrastructure states declaratively. This lets you describe your infrastructure without writing the steps. Terraform figures out how to get there.
  • Terraform can provision resources from AWS, Google Cloud Platform, and Microsoft Azure. Providers use the infrastructure to create, update, and delete resources.
  • Multi-cloud Support: Terraform supports numerous cloud providers, enabling unified infrastructure resource management across clouds. This simplifies multi-cloud deployments and provider switching.
  • Modular Design: Terraform lets you divide your infrastructure into smaller, reusable components. This simplifies managing vast, complicated infrastructure and ensuring that component modifications do not affect other components.
Avatar photo